Tuesday, March 17, 2009

Alert: DNS Trojan hijacks entire LAN

A new rash of Trojans has been detected that attempts to hijack entire local area networks (LAN) by masquerading as a DHCP server on the network. This allows the malware to set itself up as the domain name server (DNS).

This will allow for the possibility for even hardened or non-Windows machines to be misdirected to visit malicious sites in order to exploit any vulnerabilities that they might have.

Johannes Ullrich, CTO of the SANS Internet Storm Center highlighted the danger of this attack vector as "This kind of malware is definitely dangerous because it affects systems that themselves are not vulnerable. So all you need is one system infected in the network and it will affect a lot of other non-vulnerable systems."!

more...

No comments:

Post a Comment